[systemd-devel] WebUSB

Lars Knudsen larsgk at gmail.com
Mon Jan 9 09:55:58 UTC 2017


On Jan 9, 2017 10:53, "Mantas Mikulėnas" <grawity at gmail.com> wrote:

On Mon, Jan 9, 2017 at 11:20 AM, Lars Knudsen <larsgk at gmail.com> wrote:

Hi,

I am currently looking into how we can make using WebUSB devices less
painful for users on Linux.

The main purpose of WebUSB (as far as I can see) is to enable certain CDC
(in particular - but not limited to) devices to communicate directly with
browsers visiting certain trusted sites (listed inside a binary object
store - sent on initial handshake).

The spec is here: https://wicg.github.io/webusb/ (already running fine in
Chrome stable)
Examples:
https://www.youtube.com/watch?v=Z1Nk2hH2wFE
https://www.youtube.com/watch?v=o7wGt9RfHVA
https://twitter.com/denladeside/status/817451203076427783

I'm guessing the solution will consist of 2 parts:

1. make sure no WebUSB device is picked up by ModemManager (ModemManager
task)

2. make sure that webusb devices will be somehow accessible to be used by a
browser running with user permissions (current temp solution listed here:
adding user to plugdev, adding 0664 permissions to device:
https://developers.google.com/web/updates/2016/03/access-usb-devices-on-the-web )
(udev/systemd task).

For 2. we need to either make all webusb devices accessible or find some
other way the browsers can - in a generic way - gain access.  In all cases,
it's important that no USB interface has been pre-claimed by the system
(e.g. by cdc_acm) or it should be possible for the browser to throw off the
claims.


I'm not sure how ModemManager could possibly avoid claiming a device based
on a website visit that will happen *sometime in the future*, if ever.

It is in the USB descriptors. Should be easy to do a clean detection. It is
not likely anyone would ever make a modem with webusb descriptors.


As for permissions, uaccess might work if the device types are known (see
e.g. the Yubikey udev rules), but... somehow, it sounds like webapps will
end up being more privileged than local software, a bit odd.

-- 
Mantas Mikulėnas <grawity at gmail.com>
Sent from my phone
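
The descriptor-based detection mentioned in this message comes down to checking a device's BOS (binary object store) descriptor for the WebUSB platform capability defined in the spec linked above. The following is an added example, not part of the original message and not ModemManager or udev code; the names `find_webusb_capability` and `build_bos` are hypothetical and the sample descriptors are constructed. It assumes the raw BOS bytes have already been read from the device.

```python
import struct
import uuid

# WebUSB platform capability UUID (from the WebUSB spec); stored on the wire
# in little-endian GUID byte order.
WEBUSB_UUID = uuid.UUID("3408b638-09a9-47a0-8bfd-a0768815b665")
DT_BOS = 0x0F                # BOS descriptor
DT_DEVICE_CAPABILITY = 0x10  # device capability descriptor
CAP_PLATFORM = 0x05          # platform capability type


def find_webusb_capability(bos: bytes):
    """Return the WebUSB capability fields from a raw BOS descriptor, or None.

    Descriptor bytes are device-supplied and untrusted, so every length
    field is bounds-checked before use.
    """
    if len(bos) < 5 or bos[0] < 5 or bos[1] != DT_BOS:
        return None
    total_len, num_caps = struct.unpack_from("<HB", bos, 2)
    end = min(total_len, len(bos))  # never read past the bytes we hold
    off = bos[0]
    for _ in range(num_caps):
        if off + 3 > end:
            return None  # truncated capability header
        length, dtype, cap_type = bos[off], bos[off + 1], bos[off + 2]
        if length < 3 or off + length > end:
            return None  # zero-length loop or overrun
        # Platform capability: header(3) + reserved(1) + UUID(16) + data.
        if dtype == DT_DEVICE_CAPABILITY and cap_type == CAP_PLATFORM and length >= 24:
            if uuid.UUID(bytes_le=bos[off + 4:off + 20]) == WEBUSB_UUID:
                bcd, vendor, landing = struct.unpack_from("<HBB", bos, off + 20)
                return {"bcdVersion": bcd, "bVendorCode": vendor, "iLandingPage": landing}
        off += length
    return None


def build_bos(*caps: bytes) -> bytes:
    """Build a BOS descriptor around capability blobs (test data only)."""
    body = b"".join(caps)
    return struct.pack("<BBHB", 5, DT_BOS, 5 + len(body), len(caps)) + body


# Constructed sample descriptors, not captured from real hardware.
USB2_EXT = bytes([7, DT_DEVICE_CAPABILITY, 0x02, 0x02, 0, 0, 0])
WEBUSB_CAP = (bytes([24, DT_DEVICE_CAPABILITY, CAP_PLATFORM, 0])
              + WEBUSB_UUID.bytes_le + struct.pack("<HBB", 0x0100, 0x01, 0x01))
SAMPLE_WEBUSB = build_bos(USB2_EXT, WEBUSB_CAP)
SAMPLE_PLAIN = build_bos(USB2_EXT)
```

A malformed or truncated descriptor yields `None`, so a policy built on this check treats the device as an ordinary one instead of granting browser access.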